CVE-2005-0083

Name of the Vulnerable Software and Affected Versions MySQL MaxDB versions prior to 7.5.00

Description The issue allows remote attackers to cause a denial of service, resulting in an application crash, by providing invalid parameters to certain functions. These functions include DBMCli String::ReallocString, DBMCli String::operator, DBMCli Buffer::ForceResize, DBMCli Wizard::InstallDatabase, DBMCli Devspaces::Complete, DBMWeb TemplateWizard::askForWriteCountStep5, and DBMWeb DBMWeb::wizardDB. The crash is triggered by a null dereference.

Recommendations For versions prior to 7.5.00, as a temporary workaround, consider disabling the affected functions until a patch is available. Restrict access to the DBMCli String, DBMCli Buffer, DBMCli Wizard, DBMCli Devspaces, DBMWeb TemplateWizard, and DBMWeb DBMWeb modules to minimize the risk of exploitation. Avoid using invalid parameters in the affected functions to prevent the application crash. At the moment, there is no information about a newer version that contains a fix for this issue.